Re: [ADVANCED-DOTNET] Encrypted value in App.config

Thu, 25 Aug 2005 09:13:56 -0700 

Then I guess I was just using a type of encryption that wasn't supported. 
The providor I used was TripleDESCryptoServiceProvider.  I wrote the encryption 
a few years ago with Beta 2.  Below is my code. 

I would get the bytes of the string to encrypt by

    Public Shared Function GetBytes(ByVal S As String) As Byte()
        Dim UTF8 As New System.Text.UnicodeEncoding
        Return UTF8.GetBytes(S)
    End Function

then run this

    Private Function EnCrypt(ByVal pKey As String, ByRef pData() As Byte) As 
Byte()
        Dim ICrypt As ICryptoTransform
        Dim Provider As New TripleDESCryptoServiceProvider
        Dim Key() As Byte
        Dim IV() As Byte
        Dim i As Long
        Dim Ret() As Byte

        Key = GenerateDesKey()
        IV = GenerateIVkey(pKey)
        ICrypt = Provider.CreateEncryptor(Key, IV)
        'miv = IV
        Ret = ICrypt.TransformFinalBlock(pData, 0, pData.GetLength(0))

        Dim Ret2(Ret.Length - 1 + IV.Length) As Byte
        For i = 0 To Ret.Length - 1
            Ret2(i) = Ret(i)
        Next

        For i = Ret.Length To IV.Length - 1 + Ret.Length
            Ret2(i) = IV(i - Ret.Length)
        Next
        EnCrypt = Ret2

    End Function

and then I would convert the encrypted bytes to a string like so....


    Public Shared Function GetString(ByVal B() As Byte) As String
        Dim UTF8 As New System.Text.UnicodeEncoding
        Return UTF8.GetString(B)
    End Function

Notice that I left out part of the key functions....don't want to give tha 
away :)




Message from Don Demsak <[EMAIL PROTECTED]>@DISCUSS.DEVELOP.COM received on 
08/25/2005 10:44 AM

08/25/2005 10:44 AM



Don Demsak <[EMAIL PROTECTED]>@DISCUSS.DEVELOP.COM

Please respond to "Unmoderated discussion of advanced .NET topics." 
<ADVANCED-DOTNET@DISCUSS.DEVELOP.COM>
Sent by "Unmoderated discussion of advanced .NET topics." 
<ADVANCED-DOTNET@DISCUSS.DEVELOP.COM>



        To:     ADVANCED-DOTNET@DISCUSS.DEVELOP.COM
        cc: 
        Subject:        Re: [ADVANCED-DOTNET] Encrypted value in App.config

You can encrypt connection strings within config files, just not the whole 

config file. I have a presentation and project that does just that: 
http://donxml.com/presentations/EncryptedConnectionStringSolution.zip . I 
typically use it to teach Object Oriented Design. If you want to skip all 
the OO stuff you can use Carl Franklin's project: 
http://weblogs.asp.net/cfranklin/archive/2004/03/18/91746.aspx The down side 
to this solution is that it is machine dependent (the 
encryption/decryption 
must be done on the same machine).
 Don

===================================
This list is hosted by DevelopMentorĀ®  http://www.develop.com

View archives and manage your subscription(s) at http://discuss.develop.com



===================================
This list is hosted by DevelopMentorĀ®  http://www.develop.com

View archives and manage your subscription(s) at http://discuss.develop.com

Reply via email to